Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

Page 36 of 91
CVE-2022-34480 | HIGH | CVSS 8.8 | fixed in firefox 102.0-1 (sid) | 2022
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102. Scope: local. sid: resolved (fixed in 102.0-1)
debian
CVE-2022-36319 | HIGH | CVSS 7.5 | fixed in firefox 103.0-1 (sid) | 2022
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Scope: local. sid: resolved (fixed in 103.0-1)
debian
CVE-2022-46878 | HIGH | CVSS 8.8 | fixed in firefox 108.0-1 (sid) | 2022
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6
debian
CVE-2022-45421 | HIGH | CVSS 8.8 | fixed in firefox 107.0-1 (sid) | 2022
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Scope: l
debian
CVE-2022-34484 | HIGH | CVSS 8.8 | fixed in firefox 102.0-1 (sid) | 2022
The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. Scope: local
debian
CVE-2022-29909 | HIGH | CVSS 8.8 | fixed in firefox 100.0-1 (sid) | 2022
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Scope: local. sid: resolved (fixed in 100.0-1)
debian
CVE-2022-1802 | HIGH | CVSS 8.8 | Exploited | fixed in firefox 100.0.2-1 (sid) | 2022
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. Scope: local. sid: resolved (fixed in 100.
debian
CVE-2022-46879 | HIGH | CVSS 8.8 | fixed in firefox 108.0-1 (sid) | 2022
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108
debian
CVE-2022-28284 | HIGH | CVSS 8.8 | fixed in firefox 99.0-1 (sid) | 2022
SVG's <use> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99. Scope: local. sid: resolve
debian
CVE-2022-38477 | HIGH | CVSS 8.8 | fixed in firefox 104.0-1 (sid) | 2022
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Fir
debian
CVE-2022-31741 | HIGH | CVSS 8.8 | fixed in firefox 101.0-1 (sid) | 2022
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. Scope: local. sid: resolved (fixed in 101.0-1)
debian
CVE-2022-42930 | HIGH | CVSS 7.1 | fixed in firefox 106.0-1 (sid) | 2022
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106. Scope: local. sid: resolved (fixed in 106.0-1)
debian
CVE-2022-34468 | HIGH | CVSS 8.8 | fixed in firefox 102.0-1 (sid) | 2022
An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. Scope: local. sid: resolved (fixed in 102.0-1)
debian
CVE-2022-1919 | HIGH | CVSS 8.8 | fixed in firefox 101.0-1 (sid) | 2022
Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. sid: resolved (fixed in 101.0-1)
debian
CVE-2022-45415 | HIGH | CVSS 7.8 | fixed in firefox 107.0-1 (sid) | 2022
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later run. This vulnerability affects Firefox < 107. Scope: local. sid: resolved (fixed in 107.0-1)
debian
CVE-2022-46872 | HIGH | CVSS 8.6 | fixed in firefox 108.0-1 (sid) | 2022
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Thunderbird for Linux. Other operating systems are unaffected. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. Scope: local. sid: resolved (fixed in 108.0-1)
debian
CVE-2022-38473 | HIGH | CVSS 8.8 | fixed in firefox 104.0-1 (sid) | 2022
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. Scope: local. sid: resolved (fixed in 104.0-1)
debian
CVE-2022-40962 | HIGH | CVSS 8.8 | fixed in firefox 105.0-1 (sid) | 2022
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affe
debian
CVE-2022-29918 | HIGH | CVSS 8.8 | fixed in firefox 100.0-1 (sid) | 2022
Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100. Scope: local. sid: resolved (fixed in 1
debian
CVE-2022-45407 | HIGH | CVSS 7.5 | fixed in firefox 107.0-1 (sid) | 2022
If an attacker loaded a font using FontFace() on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107. Scope: local. sid: resolved (fixed in 107.0-1)
debian